Storyden
Admin

Admin O Auth Client Update

Update an OAuth client. Changing allowed grants or scopes only affects future authorisation and refresh operations. Already-issued JWT access tokens remain valid until their expiry unless their signing key is rotated. For account-owned clients, allowed permission scopes must be grantable by the owning account. An account with `ADMINISTRATOR` may configure any Storyden permission scope because `ADMINISTRATOR` implicitly grants all permissions.

Update an OAuth client.

Changing allowed grants or scopes only affects future authorisation and refresh operations. Already-issued JWT access tokens remain valid until their expiry unless their signing key is rotated.

For account-owned clients, allowed permission scopes must be grantable by the owning account. An account with ADMINISTRATOR may configure any Storyden permission scope because ADMINISTRATOR implicitly grants all permissions.

PATCH/admin/oauth/clients/{oauth_client_id}

Authorization

storyden-session<token>

In: cookie

Path Parameters

oauth_client_id*string

OAuth client ID.

Formatxid

Request Body

application/json

client_secret_hash?string
name?string
scope_policy?string
Value in"explicit" | "inherit"
redirect_uris?array<>
allowed_scopes?array<>
allowed_grants?array<>

Response Body

application/json

application/json

curl -X PATCH "https://loading/api/admin/oauth/clients/cc5lnd2s1s4652adtu50" \  -H "Content-Type: application/json" \  -d '{}'
{
  "id": "cc5lnd2s1s4652adtu50",
  "createdAt": "2019-08-24T14:15:22Z",
  "updatedAt": "2019-08-24T14:15:22Z",
  "account_id": "cc5lnd2s1s4652adtu50",
  "client_id": "string",
  "name": "string",
  "type": "public",
  "scope_policy": "explicit",
  "redirect_uris": [
    "http://example.com"
  ],
  "allowed_scopes": [
    "string"
  ],
  "allowed_grants": [
    "string"
  ]
}
Empty
Empty
Empty
{
  "error": "string",
  "message": "string",
  "suggested": "string",
  "metadata": {}
}
Edit on GitHub

Admin O Auth Client List GET

List OAuth clients registered for this instance. This admin view includes both member-created third-party clients and built-in first-party clients. Built-in clients will not be owned by an account; their grants and refresh tokens are owned by the approving account instead.

Admin O Auth Device Authorisation List GET

List OAuth device authorisation records. Device authorisation records are short-lived records created by the OAuth 2.0 Device Authorization Grant. They are not owned by an account until a signed-in user claims and approves or denies the user code.